how to disable grey pop ups without turning off messenger service?

  • Thread starter Thread starter John
  • Start date Start date
J

John

Hello,

Is there a way to prevent the annoying gray popups at the router? Are IT
people use the net send command to notify that a server is being rebooted
etc...We have a cisco router is there a port we can close for these pop ups?
Thanks in advance.

John
 
Greetings --

If your IT guys don't already know how to do this, you'd better
think about hiring a someone who at least knows the basics of network
security.

Use the firewall to ensure UDP ports 135, 137, and 138 and TCP
ports 135, 139, and 445 are _all_ blocked. You may also disable
Inbound NetBIOS (NetBIOS over TCP/IP). You'll have to follow the
instructions from firewall's manufacturer for the specific steps.


Bruce Chambers

--
Help us help you:



You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH
 
Nice advice Bruce,
To close particular ports. Quite generic. The real question is how?

In XP's there is one TCP/IP port handling menu, but it permits only either
all ports open or list all permitted ones. Seemingly there is no way to
assign those ports I want to close. The ketch is to know all the ports
required from the 60 thousands like possibilities and declare them one by
one. Instead of the logical inverse, list only the bad guys.

There is a text file with services and ports in the same directory as the
hosts file. Is it active? But anyway it looks like only a small percentage
of all services are listed in it.

Is there any work around in XP pro to close a port or make it stealth?
Presently it looks like dark science :-)

One of the most important port closing seems to be the ping port witch
responds to hackers automatically generated scans if open.
 
Greetings --

As I said, your IT folks should already know how to do this if
they're qualified for their jobs. Because you didn't specify exactly
what firewall or proxy server applications your IT department has in
place to protect your LAN, all anyone _can_ provide is "generic"
advice -- the specific "hows" depend entirely upon the applications
being used.

I don't understand why you've raised the issue of WinXP's built-in
firewall. The WinXP firewall is not designed for use on a LAN, at
all. It's intended for stand-alone PCs that connect directly to the
Internet. Because of this, it's also not very configurable. By
default, most ports are closed, and only those used by known,
installed applications are opened.

Bruce Chambers

--
Help us help you:



You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH
 
Beating around the bush again. Evidently a stand alone computer is the
question as most of PC owners have no IT department behind them, neither
have they big multilayer networks. True understatement, XP's built in
firewall is not flexible.

For that reason, to imply that it closes all ports from harmful activity on
the net is the opposite end, a gross overstatement. Tests did show
vulnerabilities. Ports are not stealth, sometimes wide open. That is why
closing certain ports is necessary. Closing not used services are highly
advisable too, etc., etc. millions of good advices.

But nobody responds how to do that, just beating around the bush, to remain
diplomatic.
 
Bruce,

Currently we don't have a firewall. We have been using the NAT off of
the Cisco router to block most of the issues, and have been successful for
the most part. We never got the blaster or any of the other worms that have
been plaguing the internet. However I am a peon in the IT department(there
are only 3 of us mostly inexperienced in the network area other guy got the
boot!!!) does any one have a suggestion on a good firewall? Some one told me
Zone Alarms but I defer it to you guys. We have 25 computers here behind the
Cisco router using NAT. What should we change as far and the LAN? Should we
have a gateway with the firewall on it? I appreciate your patience and
suggestions.

John
 
Greetings --

Ideally, a single computer should be acting as your proxy server
and firewall, providing Internet access for the rest of the network.
This gives you one machine to configure and monitor, rather than 25.
If that's not within your budget, the Cisco router with NAT is better
than nothing, but you still need firewall protection on each internal
workstation to guard against unauthorized outbound traffic.

ZoneAlarm, Kerio, or Sygate are all much better, and there are a
free versions available. Personally, I've been very happy with
Symantec's Norton Internet Security 2002 (NIS 2004 is now available),
which includes Norton AntiVirus, Norton Personal Firewall, parental
controls, privacy controls, and ad blocking.


Bruce Chambers

--
Help us help you:



You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH
 
Back
Top